Put the access point in the right place: Start with the basics - within your network configuration, ensure wireless access points are outside the perimeter firewall. This will give you an extra layer of defence to your network, based on the premise that all wireless users are untrusted.

At a recent Defcon convention in Las Vegas, engineers from AirDefense (www.airdefense.net), a purveyor of intrusion-detection systems (IDSs) for WLANs, detected 807 attacks over the course of two hours. More than half the attacks were probes from tools like Netstumbler, which are used by hackers and administrators to detect vulnerabilities in WLAN environments. Another quarter of the attacks were identity thefts, including MAC (Media Access Control) address spoofing. But about 125 attacks represented more sophisticated threats unique to WLANs. These included RF jamming at the physical layer, attacks on specific stations that continually disconnected them from access points, rerouting of traffic through hostile stations, and a new set of attacks that use wireless management frames to launch attacks.